Vulnerability CVE-2022-45062: Information
Description
In Xfce xfce4-settings before 4.16.4 and 4.17.x before 4.17.1, there is an argument injection vulnerability in xfce4-mime-helper.
Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
|---|---|---|---|---|---|---|
| libexo | p9 | 0.12.11-alt3 | 0.12.11-alt3 | ALT-PU-2022-3168-1 | 310173 | Fixed |
| libexo | p9_e2k | 0.12.11-alt3 | 0.12.11-alt3 | ALT-PU-2022-7357-1 | - | Fixed |
| xfce4-settings | sisyphus | 4.17.1-alt1 | 4.18.4-alt1 | ALT-PU-2022-3023-1 | 309703 | Fixed |
| xfce4-settings | sisyphus_e2k | 4.17.1-alt1 | 4.18.4-alt1 | ALT-PU-2022-7033-1 | - | Fixed |
| xfce4-settings | sisyphus_riscv64 | 4.17.1-alt1 | 4.18.4-alt1 | ALT-PU-2022-6979-1 | - | Fixed |
| xfce4-settings | p10 | 4.16.5-alt1 | 4.18.4-alt1 | ALT-PU-2022-3101-1 | 309704 | Fixed |
| xfce4-settings | p10_e2k | 4.16.5-alt1 | 4.18.4-alt1 | ALT-PU-2022-7098-1 | - | Fixed |
| xfce4-settings | c10f1 | 4.16.5-alt1 | 4.16.5-alt1 | ALT-PU-2022-3101-1 | 309704 | Fixed |
| xfce4-settings | p11 | 4.17.1-alt1 | 4.18.4-alt1 | ALT-PU-2022-3023-1 | 309703 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
|---|---|
| https://gitlab.xfce.org/xfce/xfce4-settings/-/commit/55e3c5fb667e96ad1412cf249879262b369d28d7 |
|
| https://gitlab.xfce.org/xfce/xfce4-settings/-/commit/f34a92a84f96268ad24a7a13fd5edc9f1d526110 |
|
| https://gitlab.xfce.org/xfce/xfce4-settings/-/tags |
|
| https://gitlab.xfce.org/xfce/xfce4-settings/-/issues/390 |
|
| DSA-5296 |
|
| GLSA-202305-05 | |
| FEDORA-2022-7febff96e0 |